Today > | 7 High | 24 Medium | 8 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-41882

Dec. 24, 2024, 6:15 a.m.

Tags

CWE-119
fc9afe74-3f80-4fb7-a313-e6f036a89882
2024-12-24
CVE-2024-41882

Product(s) Impacted

NVR

Description

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

Weaknesses

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CWE ID: 119

Date

Published: Dec. 24, 2024, 6:15 a.m.

Last Modified: Dec. 24, 2024, 6:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

fc9afe74-3f80-4fb7-a313-e6f036a89882

References

https://www.hanwhavision.com/ fc9afe74-3f80-4fb7-a313-e6f036a89882